Fraud review is the canonical dual-keyed audit case. An agent reads the risk signal, proposes a verdict, a human approves before money moves. Both signatures sit on the same row, timestamped, frozen. When a chargeback arbitrator asks who released the $4,200 order at 2:17 a.m. on Black Friday, the answer is one query.
Where the signal lives, where the decision lives
Stripe Radar and Shopify Fraud Analysis stay the source of truth for fraud signals. Risk scores, rule hits, device fingerprints, velocity flags, all of it lives on the platform that watched the transaction happen. Dock holds agent OUTPUT: the triage row, the signal interpretation, the hold or release recommendation. Each row carries stripe_charge_id or shopify_order_id and a pointer to the live risk score. Agents read fresh from the Radar or Fraud Analysis API on every review pass, never a stale snapshot. Dock's consent gate fires the action, release, refund, block, back through Stripe or Shopify ONLY after the dual-keyed approval lands. One key from the agent, one from a fraud analyst, both recorded with name and timestamp before any API call leaves the workspace.
A worked flow: high-risk order during BFCM
A $6,800 order lands on Cyber Monday. Radar scores it 78, rule hit on card_velocity_high plus email_domain_new. Sarah, the fraud agent, pulls the row into the BFCM Triage workspace. She reads the score live from Radar, cross-references the customer's prior order history through Shopify, writes her recommendation: hold, suspected card testing. She signs at 2:14 a.m.
Priya, the on-call fraud analyst, opens the row at 2:31. She sees Sarah's reasoning, the live Radar score (now 81, the customer tried a second card), and the order detail. She approves the hold and adds her note: refund authorized. Her signature lands at 2:33. Only then does Dock fire POST /v1/refunds to Stripe. The row freezes. Both signatures stay forever.
Five-step data flow
- Order arrives, Radar or Shopify Fraud Analysis scores it, webhook pushes a row into Dock with the platform ID and score pointer.
- Agent reads the signal live from the source API, writes interpretation and hold/release recommendation, signs.
- Human reviewer opens the row, sees agent reasoning plus a fresh score pull, approves or overrides.
- Dock consent gate fires the action (release, refund, block, 3DS step-up) back through Stripe or Shopify.
- Row freezes with both signatures, action receipt, and platform response code attached.
Why it matters
Chargeback defense gets clean: representment packets pull straight from the row, agent reasoning plus human approval plus action receipt. False positive recovery improves because every override is captured as training data for the next rule pass. Multi-tier review works without extra plumbing, a junior analyst signs the first key on low-risk holds, a senior signs the release on anything over a threshold. Same dual-keyed contract from the dangerous-ops contract and the two-key handshake post, applied where it pays for itself by the second prevented chargeback.
This is the audit story ecommerce teams ask for when they pilot Dock. Same workspace handles refund workflows, the broader ecommerce stack on Dock, and running an ecommerce stack with AI.
FAQ
Does Dock replace Radar's decision authority? No. Radar and Shopify Fraud Analysis keep scoring and rule logic. Dock holds the human-plus-agent review decision and the audit trail. Stripe Radar docs describe the platform's own review queues; Dock is the workspace where multi-party review and signature capture happen.
How does multi-tier review work? Each row can require N signatures before the action fires. Junior analysts sign tier one, seniors sign tier two on high-value or high-risk holds. The consent gate enforces order and identity.
What happens to false positives? Overrides are first-class rows. A human releasing a Radar-flagged order writes the reason on the row, which feeds a weekly tuning pass back to Radar rules.
Can one workspace coordinate signals across Stripe and Shopify? Yes. A row can carry both stripe_charge_id and shopify_order_id and pull scores from both APIs in the same review pass.
Spin up a fraud-review workspace at dock.ai and run your next BFCM with both signatures on the row.
Sources: Stripe Radar documentation · LexisNexis True Cost of Fraud Study